#!/bin/sh
set -e

TESTDIR="$(readlink -f "$(dirname "$0")")"
. "$TESTDIR/framework"

setupenvironment
configarchitecture 'i386'
confighashes 'MD5'

insertpackage 'unstable' 'foo' 'i386' '1.0'
insertsource 'unstable' 'foo' 'any' '1.0'

setupaptarchive --no-update
APTARCHIVE="$(readlink -f ./aptarchive)"

msgmsg 'Release contains only weak hashes'
FILENAME="${APTARCHIVE}/dists/unstable/InRelease"
MANGLED="$(readlink -f ./rootdir)/var/lib/apt/lists/partial/$(echo "$FILENAME" | sed 's#/#_#g')"
testfailuremsg "E: Failed to fetch file:${FILENAME}  No Hash entry in Release file ${MANGLED} which is considered strong enough for security purposes
E: Some index files failed to download. They have been ignored, or old ones used instead." apt update
testnopackage foo
testnosrcpackage foo

msgmsg 'Release contains no hashes'
sed -i -e '/^ / d' -e '/^MD5Sum:/ d' "$APTARCHIVE/dists/unstable/Release"
signreleasefiles
testfailuremsg "E: Failed to fetch file:${FILENAME}  No Hash entry in Release file ${MANGLED}
E: Some index files failed to download. They have been ignored, or old ones used instead." apt update
testnopackage foo
testnosrcpackage foo

msgmsg 'Release contains only weak hashes for some files'
confighashes 'MD5' 'SHA256'
generatereleasefiles
sed -i '/^ [0-9a-fA-Z]\{64\} .*Sources$/d' "$APTARCHIVE/dists/unstable/Release"
signreleasefiles
testwarningmsg "W: Skipping acquire of configured file 'main/source/Sources' as repository 'file:${APTARCHIVE} unstable InRelease' provides only weak security information for it" apt update
testsuccess apt show foo
testnosrcpackage foo